CVE-2007-4550

Name of the Vulnerable Software and Affected Versions ALPass versions 2.7 through 3.02

Description The issue allows user-assisted remote attackers to execute arbitrary code via format string specifiers in an fnm field in a folder-name record in an ALPASS DB (APW) file.

Recommendations For ALPass version 2.7, update to a version later than 2.7 to resolve the issue. For ALPass version 3.02 Korean, update to a version later than 3.02 to resolve the issue. As a temporary workaround, consider restricting access to ALPASS DB (APW) files to minimize the risk of exploitation.